Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook? (2022) (technologyreview.com)
26 points by rmason 4 hours ago | hide | past | favorite | 4 comments
 help



Article spends many words on [training during product development] and few words on [security issues with devices sold to consumers]. Risks are the exact opposite.

'Guinea pigs' in this case were company employees, who at least gave permission to be recorded. And aware of that.

Consumers often don't give such permission (or are tricked into that), may not be aware of a device's capabilities, and post-sale firmware security is often weak to non-existent. That is the bigger risk.

I don't understand why so many devices 'need' 24/7 internet connectivity. In this example: do the training. Product works? Ship to consumers with connectivity disabled. Updated firmware available? Plug in USB stick a few times a year. Or have consumer push a "connect" service button, device downloads new firmware & disconnects. Why provide a 24/7 playground for hackers/bots etc?

Yeah I know companies selling these things have many reasons. But security-wise it makes no sense.



(2022)

I can only imagine what it’s like now.


2024: Some walkie talkies have explosive devices inside them. https://en.wikipedia.org/wiki/2024_Lebanon_electronic_device...

2025: Some solar inverters have backdoors to inject chaos into the grid. https://www.reuters.com/sustainability/climate-energy/ghost-...

2026: Robot dogs used by the police have a phone home connection that hides itself when it detects someone is observing https://www.youtube.com/watch?v=lA8WuXDXfcI&t=39s Yarbo lawn mowers found with backdoor: https://www.theverge.com/tech/928289/yarbo-remove-robot-lawn...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: